A New Scalable Botnet Detection Method in the Frequency Domain

Bottazzi, Giovanni; Italiano, Giuseppe F.; Rutigliano, Giuseppe Giulio

doi:10.1007/978-3-319-97181-0_7

Cited by 1 publication

(2 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The adaptability of NTFS+, fortified b y m achine learning, positions it as a resilient bulwark, capable of not only confronting current ransomware typologies but also showing promising potential to evolve in anticipation of future threats [10]. The findings d erived f rom t he N TFS+ s tudy illuminate the considerable merits of integrating advanced computational techniques with established cybersecurity methodologies [36], [21]. Such integration is shown to elevate the protective measures significantly, offering a fortified defense layer against the persistently evolving ransomware landscape [22].…”

Section: A Interpretation Of Findingsmentioning

confidence: 83%

“…Ransomware prevention encompasses an array of solutions, both technical and policy-oriented [11], [2], [8]. Technically, the development of endpoint security solutions, which integrate state-of-the-art threat prevention capabilities, play an instrumental role in thwarting the execution of ransomware attacks [9], [20], [36]. These solutions are adept at identifying and neutralizing potential threats before they can inflict damage [5], [10], [27].…”

Section: B Ransomware Preventionmentioning

confidence: 99%

See 1 more Smart Citation

NTFS+: An Enhanced NTFS File System Against Ransomware Invasions

Gu,

Kang

2023

Preprint

View full text Add to dashboard Cite

Ransomware poses a significant threat to digital security, evolving rapidly with sophisticated encryption and data exfiltration tactics. This study introduces NTFS+, an enhanced version of the New Technology File System (NTFS), designed to combat these emerging ransomware threats. NTFS+ integrates machine learning, specifically Generative Adversarial Networks, to detect abnormal file system activities indicative of ransomware attacks. The system's core architecture features minifilter drivers that analyze file access patterns in real-time, enabling proactive response to potential threats. Evaluation of NTFS+ demonstrates its efficacy in accurately distinguishing between benign and ransomware activities, with a focus on minimizing false positives and negatives. Despite its effectiveness, challenges such as zero-day ransomware attacks highlight areas for future improvement, including enhanced learning capabilities and cloud integration. NTFS+ represents a significant advancement in file system-based ransomware mitigation, offering a scalable, adaptable, and robust solution for modern cybersecurity needs.

show abstract